The invention relates generally to computer security systems employing cryptographic techniques to secure information, and more particularly to computer network security systems using cryptographic techniques that employ public key certificate information.
In typical public-key cryptography systems, digital signature key pairs, such as a private key and public key, are used to authenticate a digital signature of a client to ensure that a message sent by a client actually came from the client sending the message. In addition to digital signature key pairs, encryption key pairs are also generally used to encrypt the data (which could include other cryptographic keys) being sent from one client to another client within the computer network. Certificates are generated by a manager or a trusted certification authority for the public keys of the private/public key pair to certify that the keys are authentic and are valid.
Each client, such as a network node computer stores a certification authority public key to verify that the certificate was made by the manager. A digital signature public key certificate typically includes a user public key, a user name and a signature of the certification authority. Each sender has a copy of its own certificate. To send an encrypted message, a sender accesses a directory, such as an onboard client cache memory or other certificate storage medium to get a copy of the encryption certificate for a specified receiver (other client). For a digitally signed message to be considered valid, the digital signature must be valid and the certificate containing the public key corresponding to the certificate must not have been revoked by the certification authority.
The public keys and certificates are used primarily for two main purposes: verifying digital signature and encrypting information. The receiver of a digitally signed E-mail or document for example, uses the public key in the senders certificate to verify the digital signature of the sender. A receiver validates the digital signature by looking at the received certificate. A public key certificate includes a public key which is bound to user name. The public key certificate also typically includes expiry data indicating the default expiration date or period for the public key certificate. Standard content of certificate revocation lists may be found for example in ISO standard X.509v3:1997. A certificate revocation list or revocation list distribution pointer may also be used which indicates a certificate revocation list in which the public key certificate would be referenced. The certificate revocation list memory may have a segmented certificate revocation list with associated distribution pointers as known in the art, to allow efficient distribution of revocation status information. A certificate revocation list is a list of uniquely-identifying serial numbers of revoked certificates, digitally signed by a trusted authority. For example, certificate revocation lists may be stored in a common repository for access by nodes (clients) in a networked computer system. A certificate revocation list may represent any suitable format. For example, the formats for noting revoked certificates may include: 1) a single revocation list; 2) a set of revocation lists (i.e., a segmentation of a set of revocation lists at various distribution points, the combination of which represents the entire set of revoked certificates; or 3) delta certificate revocation lists as described for example in standard X.509v3:1997 in combination with single revocation lists or segmented revocation lists.
A certificate may be revoked by a security officer through a security administration node or server if an employee is terminated or for other reasons, such as if a private key has been compromised. In addition, certificates can expire if an expiry period lapses. Also, certificate revocation lists have expiry dates. A client may know when to obtain a new certificate revocation list based on the expiry date. In some existing systems, clients store CRL's in cache memory and obtain a new CRL when the cached list expires or is no longer available to more efficiently process CRL's. Such systems may also issue a CRL earlier than originally scheduled. However, such cache memory cannot typically be disabled to facilitate immediate receipt or force acquisition of newly generated CRL's and therefore the client may not know that another unscheduled early CRL has been issued.
In conventional computer security systems, the security management server or certification authority typically collects revoked certificate data by queuing the data and publishes the revoked certificates with other currently revoked certificates on a periodic basis. However a problem arises with collecting and queuing revoked certificates since infrequent publishing can cause non-detection of revoked certificates thereby compromising the system.
Conversely, if certificate revocation lists are published too frequently, such as every ten minutes, a significant overhead burden is placed on the certification authority server (manager) which can significantly reduce the efficiency of the overall system particularly where a manager may serve hundreds of thousands of clients. Other systems are known which allow a client to cache certificate revocation lists for a period of time to reduce communication overhead with the manager. Some such known security systems for networked computers also segment certificate revocation list in repository memory to allow recordation of both revocation data and the expiry lapse data. However such systems again, typically only utilize certification authorities or managers that collect revoked certificates and queue them to publish them on a periodic basis with other existing revoked certificates.
Consequently, there exists a need for a cryptographic based computer network security system which provides a more efficient publication of the necessary certificate revocation information to clients in a system while maintaining proper security. Such a system should provide an improved solution for the problem of non-detection of revoked certificates.